Protect your CAs from being lost or destroyed
With the growing emphasis on information security, many companies turn to digital certificates to help increase the level of security on their networks. If your network relies on digital certificates, however, you need to implement some disaster-prevention and recovery techniques to protect your digital certificates and the Certificate Authorities (CAs) that issue them. A brief review of public key infrastructure (PKI) and an introduction to digital certificates and their CAs will get you started. Then, let's examine some methods designed to help you better guard your certificates, your CAs, and the certificate databases that contain your CAs.
A Brief Anatomy of Public Key Encryption
You use digital certificates in conjunction with a public key infrastructure (PKI). The idea behind a PKI is that you use two keys, a public key and a private key, to protect data. You make the public key, which encrypts data and verifies digital signatures, widely available. After the public key has encrypted data, only the corresponding private key can decrypt that data. Therefore, you must closely guard private keys, usually storing them either on the computer of the user who owns them or within the user’s roaming profile. . . .

